Uninstaller for Sony's other malware screws up your PC

Last week, I wrote about Princeton DRM researcher Alex Halderman's work on SunnComm's MediaMax, a piece of malware that accompanies the XCP rootkit on many of Sony's DRM CDs. Like the rootkit, SunnComm's software spies on your music usage and finks you out to Sony without your knowledge and consent.

But beware. If you try to uninstall the SunnComm MediaMax trojan using the official tool provided by SunnComm, you'll leave your computer with a huge back-door vulnerability, due to the negligent incompetence of SunnComm's programmers.

When you visit the SunnComm uninstaller web page, you are prompted to accept a small software component–an ActiveX control called AxWebRemoveCtrl created by SunnComm. This control has a design flaw that allows any web site to cause it to download and execute code from an arbitrary URL. If you've used the SunnComm uninstaller, the vulnerable AxWebRemoveCtrl component is still on your computer, and if you later visit an evil web site, the site can use the flawed control to silently download, install, and run any software code it likes on your computer. The evil site could use this ability to cause severe damage, such as adding your PC to a botnet or erasing your hard disk.

Halderman has written a blocker that stops SunnComm's uninstaller from running, but that leaves you with SunnComm's malware on-board. Don't run the software from SunnComm if you value your data.
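
For a machine where the SunnComm uninstaller has already been run, here is one way to check for the leftover control and disable it in Internet Explorer. This is an added example, not from this post or from Halderman's tool: it assumes the control is registered under a name, ProgID or server path containing `AxWebRemoveCtrl`, discovers the CLSID rather than assuming one, and uses Internet Explorer's kill bit (`Compatibility Flags` value `0x400`).

```powershell
# Added example: find registered COM classes that mention the control name and
# report (optionally set) the Internet Explorer kill bit for each CLSID found.
param(
    [string]$Pattern = 'AxWebRemoveCtrl',   # control name as given in the article
    [switch]$SetKillBit                     # writing to HKLM needs an elevated prompt
)

$KillBit     = 0x400   # "Compatibility Flags" bit that stops IE instantiating a control
$ClsidRoots  = 'Registry::HKEY_CLASSES_ROOT\CLSID',
               'Registry::HKEY_CLASSES_ROOT\WOW6432Node\CLSID'
$CompatRoots = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
               'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'

function Get-SubDefault($Key, [string]$Sub) {
    # Default value of a subkey, or nothing if it is missing or unreadable.
    try { $k = $Key.OpenSubKey($Sub); if ($k) { $k.GetValue(''); $k.Close() } } catch { }
}

$found = foreach ($root in ($ClsidRoots | Where-Object { Test-Path -LiteralPath $_ })) {
    foreach ($key in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
        $name   = $key.GetValue('')
        $progId = Get-SubDefault $key 'ProgID'
        $server = Get-SubDefault $key 'InprocServer32'
        if ("$name|$progId|$server" -like "*$Pattern*") {
            [pscustomobject]@{ Clsid = $key.PSChildName; Name = $name
                               ProgId = $progId; Server = $server }
        }
    }
}

foreach ($c in ($found | Where-Object { $_ } | Sort-Object Clsid -Unique)) {
    $set = $true
    foreach ($root in $CompatRoots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }   # e.g. 32-bit Windows
        $path  = Join-Path $root $c.Clsid
        $flags = 0
        if (Test-Path -LiteralPath $path) {
            $flags = [int](Get-Item -LiteralPath $path).GetValue('Compatibility Flags', 0)
        } elseif ($SetKillBit) {
            New-Item -Path $path | Out-Null   # no -Force: never recreate an existing key
        }
        if ($SetKillBit -and -not ($flags -band $KillBit)) {
            $flags = $flags -bor $KillBit
            New-ItemProperty -LiteralPath $path -Name 'Compatibility Flags' -PropertyType DWord -Value $flags -Force | Out-Null
        }
        if (-not ($flags -band $KillBit)) { $set = $false }
    }
    $c | Add-Member -NotePropertyName KillBitSet -NotePropertyValue $set -PassThru
}
```

The kill bit only stops Internet Explorer from loading the control; the file itself stays on disk.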

And don't forget how your computer got screwed up: Sony punished you for doing the honest thing and buying a CD from them instead of downloading your music from an unauthorized source.

Next time you'll know better.
